Wireshark is a powerful network protocol analyzer that provides valuable insights into network traffic across each OSI model layer and the data transmitted between computers. Proficiency in filtering and analyzing HTTP requests is critical for network administrators, engineers, and cybersecurity professionals. This blog post will explore Wireshark and examine how to utilize display filters to focus exclusively on GET and POST packets in layer 7 HTTP traffic. By doing so, we can better understand HTTP traffic and identify potential security and network issues.

In some situations during your career as a security researcher or another area under the cybersecurity umbrella one may need the capability of decrypting application layer traffic such as HTTPS and WebSockets.

To decrypt HTTPS or WebSockets traffic, we can utilize mitmproxy to decrypt SSL/TLS and Wireshark to analyze that traffic. From a security context, we are essentially creating a man-in-the-middle condition locally.